Rename "intel_tdx" feature to "cvm_guest"

Hsy-Intel
2024-08-09 13:21:52 +08:00
committed by Tate, Hongliang Tian
parent ca41687a99
commit 8317c4c1e8
19 changed files with 37 additions and 37 deletions


@ -58,7 +58,6 @@ ifeq ($(INTEL_TDX), 1)
BOOT_METHOD = grub-qcow2
BOOT_PROTOCOL = linux-efi-handover64
CARGO_OSDK_ARGS += --scheme tdx
CARGO_OSDK_ARGS += --features intel_tdx
endif
ifneq ($(SCHEME), "")


@ -44,7 +44,7 @@ qemu.args = "$(./tools/qemu_args.sh iommu)"
[scheme."tdx"]
supported_archs = ["x86_64"]
build.features = ["intel_tdx"]
build.features = ["cvm_guest"]
boot.method = "grub-qcow2"
grub.protocol = "linux"
qemu.args = """\


@ -15,4 +15,4 @@ aster-time = { path = "comps/time" }
aster-framebuffer = { path = "comps/framebuffer" }
[features]
intel_tdx = ["ostd/intel_tdx", "aster-nix/intel_tdx"]
cvm_guest = ["ostd/cvm_guest", "aster-nix/cvm_guest"]
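Review bot: Nothing in this change makes a leftover `feature = "intel_tdx"` gate fail the build. Cargo rejects an unknown name passed to `--features`, but a stale `#[cfg(feature = "intel_tdx")]` in source simply evaluates to false and drops the guarded code. The gates renamed on this page cover the shared-page bit, the #VE handler and the `unprotect_gpa_range` calls, so a missed site would silently disable them rather than break the build. Consider denying the `unexpected_cfgs` lint for the workspace (`[lints.rust]` with `unexpected_cfgs = "deny"`), if the pinned toolchain supports it, so that a gate naming an undeclared feature becomes a compile error.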


@ -75,4 +75,4 @@ version = "1.0"
features = ["spin_no_std"]
[features]
intel_tdx = ["dep:tdx-guest"]
cvm_guest = ["dep:tdx-guest"]


@ -10,7 +10,7 @@ mod urandom;
mod zero;
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
mod tdxguest;
use tdx_guest::tdx_is_enabled;
@ -41,7 +41,7 @@ pub fn init() -> Result<()> {
let tty = Arc::new(tty::TtyDevice);
add_node(tty, "tty")?;
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
let tdx_guest = Arc::new(tdxguest::TdxGuest);
if tdx_is_enabled() {


@ -40,7 +40,7 @@ qemu.args = """\
[scheme."tdx"]
supported_archs = ["x86_64"]
build.features = ["intel_tdx"]
build.features = ["cvm_guest"]
boot.method = "grub-qcow2"
grub.mkrescue_path = "/tmp/osdk_test_file"
grub.protocol = "linux"


@ -60,6 +60,7 @@ iced-x86 = { version = "1.21.0", default-features = false, features = [
tdx-guest = { version = "0.1.5", optional = true }
[features]
default = ["intel_tdx", "log_color"]
default = ["cvm_guest", "log_color"]
log_color = ["dep:owo-colors"]
intel_tdx = ["dep:tdx-guest", "dep:iced-x86"]
# The guest OS support for Confidential VMs (CVMs), e.g., Intel TDX
cvm_guest = ["dep:tdx-guest", "dep:iced-x86"]


@ -22,7 +22,7 @@ use crate::{
};
cfg_if! {
if #[cfg(feature = "intel_tdx")] {
if #[cfg(feature = "cvm_guest")] {
use tdx_guest::tdcall;
use crate::arch::tdx_guest::{handle_virtual_exception, TdxTrapFrame};
}
@ -49,7 +49,7 @@ pub struct CpuExceptionInfo {
pub page_fault_addr: usize,
}
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
impl TdxTrapFrame for RawGeneralRegs {
fn rax(&self) -> usize {
self.rax
@ -220,7 +220,7 @@ impl UserContextApiInternal for UserContext {
self.user_context.run();
match CpuException::to_cpu_exception(self.user_context.trap_num as u16) {
Some(exception) => {
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
if *exception == VIRTUALIZATION_EXCEPTION {
let ve_info =
tdcall::get_veinfo().expect("#VE handler: fail to get VE info\n");
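Review bot: The #VE branch in the last hunk is gated only by the compile-time `cvm_guest` feature, so `tdcall::get_veinfo()` is issued, and `.expect(...)` can panic the kernel, whenever that exception is delivered, including on a boot where TDX is not active. Other call sites on this page, such as `handle_kernel_page_fault`, also check `tdx_is_enabled()` at run time. The same pattern appears in the `trap_handler` hunk, where `tdx_is_enabled` is already imported and a match guard would presumably cover it: `&VIRTUALIZATION_EXCEPTION if tdx_is_enabled() => {`. Because `cvm_guest` is in ostd's default feature set, this path is compiled into ordinary builds as well. The enclosing function continues outside the hunk.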


@ -16,7 +16,7 @@ use crate::{
};
cfg_if! {
if #[cfg(feature = "intel_tdx")] {
if #[cfg(feature = "cvm_guest")] {
use ::tdx_guest::tdx_is_enabled;
use crate::arch::tdx_guest;
}
@ -161,7 +161,7 @@ pub fn init() {
// FIXME: Is it possible to have an address that is not the default 0xFEC0_0000?
// Need to find a way to determine if it is a valid address or not.
const IO_APIC_DEFAULT_ADDRESS: usize = 0xFEC0_0000;
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
// SAFETY:
// This is safe because we are ensuring that the `IO_APIC_DEFAULT_ADDRESS` is a valid MMIO address before this operation.
// The `IO_APIC_DEFAULT_ADDRESS` is a well-known address used for IO APICs in x86 systems, and it is page-aligned, which is a requirement for the `unprotect_gpa_range` function.


@ -59,7 +59,7 @@ bitflags::bitflags! {
/// the TLB on an address space switch.
const GLOBAL = 1 << 8;
/// TDX shared bit.
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
const SHARED = 1 << 51;
/// Forbid execute codes on the page. The NXE bits in EFER msr must be set.
const NO_EXECUTE = 1 << 63;
@ -138,7 +138,7 @@ pub fn current_page_table_paddr() -> Paddr {
impl PageTableEntry {
cfg_if! {
if #[cfg(feature = "intel_tdx")] {
if #[cfg(feature = "cvm_guest")] {
const PHYS_ADDR_MASK: usize = 0x7_FFFF_FFFF_F000;
} else {
const PHYS_ADDR_MASK: usize = 0xF_FFFF_FFFF_F000;
@ -191,7 +191,7 @@ impl PageTableEntryTrait for PageTableEntry {
| parse_flags!(self.0, PageTableFlags::DIRTY, PageFlags::DIRTY);
let priv_flags = parse_flags!(self.0, PageTableFlags::USER, PrivFlags::USER)
| parse_flags!(self.0, PageTableFlags::GLOBAL, PrivFlags::GLOBAL);
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
let priv_flags =
priv_flags | parse_flags!(self.0, PageTableFlags::SHARED, PrivFlags::SHARED);
let cache = if self.0 & PageTableFlags::NO_CACHE.bits() != 0 {
@ -228,7 +228,7 @@ impl PageTableEntryTrait for PageTableEntry {
PrivFlags::GLOBAL,
PageTableFlags::GLOBAL
);
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
{
flags |= parse_flags!(
prop.priv_flags.bits(),
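Review bot: `SHARED = 1 << 51` and the narrowed `PHYS_ADDR_MASK` (`0x7_FFFF_FFFF_F000`) are TDX-specific values, yet after the rename they are selected by a vendor-neutral feature name, and only at compile time. Since `cvm_guest` is in ostd's default feature set, a non-TDX boot built with defaults also treats bit 51 as a flag rather than an address bit. That may be intentional, but nothing in the hunk says so. I would add a comment on the constant, for example `// Bit 51 is the TDX shared bit here, so it is excluded from the address mask; other CVM backends need their own value.`, and keep the existing `/// TDX shared bit.` doc line. The `impl` blocks continue outside these hunks.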


@ -20,7 +20,7 @@ pub mod trap;
use cfg_if::cfg_if;
cfg_if! {
if #[cfg(feature = "intel_tdx")] {
if #[cfg(feature = "cvm_guest")] {
pub(crate) mod tdx_guest;
use {
@ -38,7 +38,7 @@ use core::{
use kernel::apic::ioapic;
use log::{info, warn};
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
pub(crate) fn check_tdx_init() {
match init_tdx() {
Ok(td_info) => {
@ -86,7 +86,7 @@ pub(crate) fn init_on_bsp() {
timer::init();
cfg_if! {
if #[cfg(feature = "intel_tdx")] {
if #[cfg(feature = "cvm_guest")] {
if !tdx_is_enabled() {
match iommu::init() {
Ok(_) => {}


@ -484,7 +484,7 @@ pub unsafe fn protect_gpa_range(gpa: Paddr, page_num: usize) -> Result<(), PageC
Ok(())
}
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
impl TdxTrapFrame for TrapFrame {
fn rax(&self) -> usize {
self.rax


@ -21,7 +21,7 @@ use crate::{
};
cfg_if! {
if #[cfg(feature = "intel_tdx")] {
if #[cfg(feature = "cvm_guest")] {
use tdx_guest::{tdcall, tdx_is_enabled};
use crate::arch::{cpu::VIRTUALIZATION_EXCEPTION, tdx_guest::handle_virtual_exception};
}
@ -43,7 +43,7 @@ pub fn is_kernel_interrupted() -> bool {
extern "sysv64" fn trap_handler(f: &mut TrapFrame) {
if CpuException::is_cpu_exception(f.trap_num as u16) {
match CpuException::to_cpu_exception(f.trap_num as u16).unwrap() {
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
&VIRTUALIZATION_EXCEPTION => {
let ve_info = tdcall::get_veinfo().expect("#VE handler: fail to get VE info\n");
handle_virtual_exception(f, &ve_info);
@ -139,7 +139,7 @@ fn handle_kernel_page_fault(f: &TrapFrame, page_fault_vaddr: u64) {
let paddr = vaddr - LINEAR_MAPPING_BASE_VADDR;
cfg_if! {
if #[cfg(feature = "intel_tdx")] {
if #[cfg(feature = "cvm_guest")] {
let priv_flags = if tdx_is_enabled() {
PrivFlags::SHARED | PrivFlags::GLOBAL
} else {


@ -20,7 +20,7 @@ use crate::{
};
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
use ::tdx_guest::tdx_is_enabled;
use crate::arch::tdx_guest;
}
@ -33,7 +33,7 @@ pub static MMIO_BUS: SpinLock<MmioBus> = SpinLock::new(MmioBus::new());
static IRQS: SpinLock<Vec<IrqLine>> = SpinLock::new(Vec::new());
pub(crate) fn init() {
#[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))]
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
// SAFETY:
// This is safe because we are ensuring that the address range 0xFEB0_0000 to 0xFEB0_4000 is valid before this operation.
// The address range is page-aligned and falls within the MMIO range, which is a requirement for the `unprotect_gpa_range` function.


@ -20,7 +20,7 @@ use crate::{
};
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
use ::tdx_guest::tdx_is_enabled;
use crate::arch::tdx_guest;
}
@ -104,7 +104,7 @@ impl CapabilityMsixData {
// Set message address 0xFEE0_0000
for i in 0..table_size {
#[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))]
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
// SAFETY:
// This is safe because we are ensuring that the physical address of the MSI-X table is valid before this operation.
// We are also ensuring that we are only unprotecting a single page.


@ -63,7 +63,7 @@ pub fn init() {
arch::enable_cpu_features();
arch::serial::init();
#[cfg(feature = "intel_tdx")]
#[cfg(feature = "cvm_guest")]
arch::check_tdx_init();
// SAFETY: This function is called only once and only on the BSP.


@ -19,7 +19,7 @@ use crate::{
};
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
use ::tdx_guest::tdx_is_enabled;
use crate::arch::tdx_guest;
}
@ -78,7 +78,7 @@ impl DmaCoherent {
}
let start_daddr = match dma_type() {
DmaType::Direct => {
#[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))]
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `check_and_insert_dma_mapping` function checks if the physical address range is already mapped.
@ -133,7 +133,7 @@ impl Drop for DmaCoherentInner {
start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap();
match dma_type() {
DmaType::Direct => {
#[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))]
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `start_paddr()` ensures the `start_paddr` is page-aligned.


@ -16,7 +16,7 @@ use crate::{
};
cfg_if! {
if #[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))] {
if #[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))] {
use ::tdx_guest::tdx_is_enabled;
use crate::arch::tdx_guest;
}
@ -72,7 +72,7 @@ impl DmaStream {
start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap();
let start_daddr = match dma_type() {
DmaType::Direct => {
#[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))]
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `check_and_insert_dma_mapping` function checks if the physical address range is already mapped.
@ -177,7 +177,7 @@ impl Drop for DmaStreamInner {
start_paddr.checked_add(frame_count * PAGE_SIZE).unwrap();
match dma_type() {
DmaType::Direct => {
#[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))]
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
// SAFETY:
// This is safe because we are ensuring that the physical address range specified by `start_paddr` and `frame_count` is valid before these operations.
// The `start_paddr()` ensures the `start_paddr` is page-aligned.


@ -128,7 +128,7 @@ bitflags! {
/// (TEE only) If the page is shared with the host.
/// Otherwise the page is ensured confidential and not visible outside the guest.
#[cfg(all(target_arch = "x86_64", feature = "intel_tdx"))]
#[cfg(all(target_arch = "x86_64", feature = "cvm_guest"))]
const SHARED = 0b10000000;
}
}